


Cross-site scripting (XSS) vulnerabilities.

In this case, relevant is defined as security concepts that are pertinent to the features developed or tested during the sprint. You can also consult the SDL Pro Network for training courses and recommendations.

Additionally, in the interests of staying lean, engineers and testers performing security-related tasks or SDL-related tasks should acquire relevant security knowledge prior to performing the tasks on the sprint.

Consult your sprint leader for a list of courses that satisfy SDL training requirements. If more than 20 percent of the project members are out of compliance with this non-negotiable requirement, the requirement is failed (and consequently so is the sprint, and the product is not allowed to release).

Security Education

Each member of a project team must complete at least one security training course every year. While the previous section focused on requirements specific to the SDL-Agile, this section focuses on tasks associated with the SDL and how they are applied within the Agile framework.
